Hacker 10 – Security Hacker

Hacker10

  • Hide data inside JPEG images using SteganPEG

    Hide data inside JPEG images using SteganPEG

    With SteganPEG you can hide files inside JPEG images without altering them to the human eye, being JPEG one of the most common file formats that exist that will reduce suspicions when you upload it to a website, facilitating covert communications, flickr is an example of a website that can be used to share secret stego messages embedded in pictures with nobody noticing.

    You can password protect your files, even if someone analyses the image they will still need to know the passphrase to see the data although there is no mention of encryption being used to cipher the file, this is still better than nothing and enough for low security needs, another nifty feature of this open source stego software is that it shows you how much space remains available on a picture to hide data inside it.

    The hidden data you insert inside the JPEG is compressed first, you can hide any kind of file, text, images inside images or executables but the bigger the file the more difficult it will be to fit in inside the JPEG.

    This steganography software only supports DCT based Baseline Sequential JPEG images, the most widely used JPEG compression, when you download SteganPEG you also get the source code and can look at or modify it at your own discretion.

     

    SteganPEG open source steganography
    SteganPEG open source steganography

     

    Steganography vs. Cryptography

    While cryptography ciphers your data and makes it available to only those with the right passphrase, steganography hides your confidential files making it impossible for someone to investigate and try to extract something whose existence is not obvious.

    Steganography does not use cryptography per se, it uses the spare bits that files have and use them up to hide data inside them, it is possible to detect and extract that data with specialist steganography detection tools that is why high security steganography software will also include encryption.

    For those living under oppressive regimes and subjected to strict communications monitoring, and those living in places where they must hand over their encryption password to the authorities to avoid punishment, steganography is the ideal covert communication method, it has long been used by spies from worldwide agencies, Russian spies in the US in 2010 used steganography software to post photos on the Internet with embedded messages hidden in them.

    Get SteganPEG from Softpedia

  • List of programs to digitally sign PDF documents offline

    List of programs to digitally sign PDF documents offline

    A digital signature consists of a mathematical scheme to establish the authenticity of a digital message or document and protect it from tampering, it normally uses PKA (Public Key Algorithms) to digitally sign the message or document.

    A digital signature uses asymmetric cryptography and it provides with more security than a handwritten signature because it attests to the identity of the signer as well as the integrity of the document, the slightest change in the document will make the digital signature verification process to fail.

    Offline software to digitally sign documents

    PDFStudio Pro: Paid PDF managing software for Windows, Mac and Linux, the main function of this program is to create and interact with PDF documents but it has the capability of digitally signing them. Digital signatures can be created or imported from an existing stamp, PDFStudio can batch process multiple PDF, optimize, add watermarks, annotate and password protect in between many other things, and all round very complete PDF editing program.

    PDFStudio Pro digital signing documents
    PDFStudio Pro digital signing documents

    JSignPDF: Open source freeware program to digital sign pdf files with a visible a digital signature, image or description. It supports batch processing although only via command line, JSignPDF timestamps the document and allows you to choose the hash algorithm and certification level. JSignPDF can be used as a standalone application or as an add-on in OpenOffice.org, you will need Java installed in your computer to use it.

    JSignPDF free digital signature software
    JSignPDF free digital signature software

    Portable Signer: This free open source application based in Java, and platform independent (works in Linux, MAC and Windows) will digitally sign your PDF documents using standard X.509 certificates, the signed documents are read only. This program to digitally sign documents is made available by the Municipality of Vienna (Austria) and its signature block complies with Austrian e-government rules.

    PortableSigner-PDF-digital-signatures
    PortableSigner PDF digital signing software

    PDFsigner: Windows PDF signing software that creates digital signatures using standard X.509 certificates and it also verifies digital signatures to make sure that a document has not been tampered with. Its digital signatures are visible with most PDF readers and there is support for smartcards and signing documents in bulk, the interface is very intuitive and easy to use even for novices.

    PDFSigner digital signing software
    PDFSigner digital signing software
  • Use JPEGSnoop to discover if a digital photo is real or fake

    Use JPEGSnoop to discover if a digital photo is real or fake

    It is very hard to know by just looking if a digital picture has been altered with a graphical editor or it is being presented on its original and raw format. Digital cameras embed all kind of metadata in the pictures they take, data about data found in the digital photographs inside EXIF (Exchangeable image file format).

    JPEGSnoop is a tiny portable open source program that goes beyond extracting EXIF metadata, this free application can indicate the quality of the JPEG image compression used by the camera saving the file, JPEGSnoop uses the fact that each digital camera has different and specific compression quality levels when taking a picture and it compares that unique pattern against its large database of compression signatures reporting what digital camera or graphical editor was used to generate the image, being able to determine if a photograph is truly original or it has been edited with a graphics editor like Photoshop, software graphical editors unique compression signatures are included too in JPEGSnoop database.

    JPEGsnoop reports countless of other details, EXIF / IPTC metadata, Huffman table decode, quantization table matrix (chrominance and luminance), chroma subsampling, JPEG saving settings, JPEG resolution settings, RGB histograms, etc. People who do not need that technical wealth of information about a digital picture can just skip it and look at the EXIF data instead, which normally includes basics like location, model of camera used and date and time.

     

    JPEGSnoop digital photo forensics
    JPEGSnoop digital photo forensics

    JPEGSnoop can open .jpg, .thm (thumbnail), .avi, .dng (digital negatives), .pdf, .mov and extract embedded JPEG files from within them. If the photograph is corrupted and can no longer be viewed JPEGSnoop will try to recover the photograph thumbnail if there is one. This application can be of great use for home users wondering if that famous celebrity in the digital picture is a fake or real photo and it will also be of use for digital image forensic experts and amateur photographers alike.

    There is other software capable of retrieving photographs metadata but JPEGSnoop stands out from the crowd by being the only one I know of able to tell you if the picture was edited with a graphical editor.

    Visit JpegSnoop homepage

  • SpiderOak, online data back up with encryption

    SpiderOak, online data back up with encryption

    When computer disaster strikes you will want to be sure a back up copy of your data exists, forget about trying to recover data from a dead hard disk, drives do not last for ever and the most cost effective and trouble free way to be prepared for when your hard drive dies is by storing a data back up copy, at the very least in weekly intervals.

    At the moment the cheapest way to back up an operating system is offline using an external hard disk, the downside is that in case of a fire breaking out it would also destroy your offline data backup, that is why big corporations tend to keep their data backups stored at different buildings, the home user does not have this luxury but we can use online data storage.

    With SpiderOak you can backup, synchronize, and share data across all of your computers, there is a free and paid for option, the only difference between them being that in the free option storage space is much lower.

    SpiderOak encrypted online data storage
    SpiderOak encrypted online data storage

    The way I have been using SpiderOak until now is by creating a folder named “online backup” and pointing SpiderOak to upload and synchronize all of the data inside it. The initial backup takes quite a while, particularly if your upload speed is slow, once the initial backup has been done this back up utility runs in the background and automatically syncs any data changes inside that folder, which is much quicker, you can instruct SpiderOak to start automatically when you boot Windows, for what I have seen it runs on very low resources.

    Everything uploaded to SpiderOak is done via secure SSL, their servers keep all of the data encrypted with the unbreakable AES256 algorithm, even if someone managed to break into their server they would not be able to read the data. You create the encryption password in your computer, SpiderOak staff never has access to it, if you lose your password there is no way to recover your data, it has been made this way for privacy reasons, if a member of staff went rogue your data would still be safe.

    You can share your files stored online with others creating a local “Share room” marking chosen specific files as shared and SpiderOak will give you a link leading to that shared room/folder that can be protected with a password. Now you can send the link to whoever you want and share your files safely, your local “Share room” is automatically synchronized with any changes you make and SpiderOak software works in Windows, MAC and Linux.

    There are many online data backup solutions out there but very few of them use encryption and take security as seriously as SpiderOak does, up to the point that no even themselves can access the data they are storing. Being compatible across computers and running on very low resources makes this online backup service is one of the best for security conscientious people.

    Visit SpiderOak homepage

  • Predict hard disk failure with Acronis Drive Monitor

    Predict hard disk failure with Acronis Drive Monitor

    It is very hard to predict when a hard disk will fail, Acronis Drive Monitor is a free hard disk monitoring tool that will alert you before a hard disk crash. Acronis Drive Monitor will avoid data loss by monitoring the physical hard disk health using S.M.A.R.T. (Self-Monitoring, Analysis and Reporting Technology) readings and warning you before the drive fails.

    A colour coded summary provides an overview of the disk’s health at a glance, in addition, when it detects a problem it will generate an onscreen alert or send and email depending on configuration.

    This free hard disk monitoring tool will warn you if no back up software has been found in the computer, it is inevitable that all hard disks will fail one day, nothing lasts forever, everyone should have a back up solution put into place it is highly responsible to warn users about this, even if Acronis is trying to push its paid for back up software in the process.

     

    Acronis Drive Monitor software
    Acronis Drive Monitor software

     

    Acronis Drive Monitor main features

    • Hard disk health monitoring in the background
    • Monitoring of event logs for possible problems
    • Email alerts in case of hard disk complications
    • Weekly hard disk electromechanical status report
    • Support for RAID hard drive configuration

    This Acronis product integrates very well with the rest of the premium Acronis home and business software but you do not need to have any of those installed in order to use it, Acronis Drive Monitoring seems to have been released with the freemium market in mind, where people are given something for free with the hope that they will upgrade to a paid for product with more features.

    This hard disk monitoring tool does an excellent job, is easy to use and it is on a par with paid for hard disk diagnostics software.

    Visit Acronis Drive Monitor homepage

  • Automate software updates with Secunia Personal Software Inspector

    Automate software updates with Secunia Personal Software Inspector

    This free PC computer security tool comes from one of the World’s leading providers of computer vulnerability assessment companies, Secunia Personal Software Inspector (PSI) aka Secunia PSI.

    After installing Secunia Personal Software Inspector it will scan your computer and provide you with a comprehensive list of all the software present checking if it can be updated to a newer more secure version, if possible, you will given direct links to patches and program updates.

    Secunia Personal Software Inspector runs in the background by default, constantly monitoring new applications and updates, its advanced interface displays all kind of information about your installed software, if this overwhelms you, it is possible to switch to an easier to use simple interface only listing easy to upgrade software.

    A “Secure Browsing” tab reports your browser version and plugins, ActiveX controls, Firefox addons installed in the browser, another tab called “End of Life” gives you quick access to Add/Remove Programs, the listed software’s folder, and online references, the whole process comes with complete instructions and explanations about how the software works giving you peace of mind.

     

    Secunia Personal Software Inspector
    Secunia Personal Software Inspector

    Trojans and viruses routinely exploit old unpatched software, make sure to run this free home computer vulnerability scanner and combine it with a good antivirus and firewall, it should be enough for the average computer user to avoid getting hacked, it makes for a nice alternative to CNET techtracker.

    Visit Secunia Personal Software Inspector

  • iSpy converts your computer webcam into surveillance CCTV

    iSpy converts your computer webcam into surveillance CCTV

    This free open source software will use your computer webcam and microphone for remote surveillance, you can use the built-in webserver on iSpy website to view captured media. If you need to monitor your home while you are away just leave your computer on and iSpy will stream live images to you of what is happening, including sound, if you wish so you can use your smartphone to monitor the live cam. All captured media is compressed to flash video.

    iSpy webcam surveillance software
    iSpy webcam surveillance software

    iSpy will detect movement and send you and alert via SMS or email when that happens if you want to,webcam movement detection areas can be customized to point towards an specific location such as the frontdoor.

    iSpy latest supported features

    • Add unlimited number of active floor plans
    • Control PTZ enabled IP cameras
    • Listen to and monitor remote microphones live over the network
    • Pair video and audio sources for capturing movies with sound
    • Upload to YouTube – auto upload captured content

    Possible uses for iSpy are to watch over your family, pets, and business and set up a security system at your home when you go on holidays.

    Premium surveillance cam alternatives to iSpy

    If you need a premium alternative to iSpy, perhaps to secure your business, then check out VitaminD and GoToCamera. If you need a mobile phone applet that works the same like iSpy does, check out Spycam Lizard.

    Visit iSpy homepage